<?php
session_start();
require_once "../basicInfo/user.php"; ?>
<?php include "../../layout/header.php"; ?>
<?php
    //set the current page in the seesion
    $_SESSION['currentPage'] = 'changePassword';
    //declare the variables to be used
    $user = NULL;
    $currentPassword = NULL;
    $currPasswordEntered = NULL;
    $newPassword = NULL;
    $confirmPassword = NULL;
    $messageArr = NULL;

    //now retrive the values from the session object

    $serializedUser = $_SESSION['userinfo'];
    $unserializedUser = unserialize($serializedUser);
    $user = $unserializedUser->getUserName();
    $fname =$unserializedUser->getFirstName();
    $lname = $unserializedUser->getLastName();
    $email = $unserializedUser->getEmail();
    $bday = $unserializedUser->getBday();
    $level = $unserializedUser->getLevel();
    $exp = $unserializedUser->getExp();
    $gold = $unserializedUser->getGold();
    $role = $unserializedUser->getRole();
    $isbanned = $unserializedUser->getIsBanned();
    $deaths = $unserializedUser->getDeaths();
    $bug = $unserializedUser->getBugkills();
    $qcreated =$unserializedUser->getQCreated();
    $currentPassword = $unserializedUser->getPassword();

    if(isset($_POST['submit']))
    {
        //retrieve the currentPassword from the db for the current user
       $messageArr = CheckPassword($currentPassword);
       $currPasswordEntered = $_POST['currentPassword'];
       $newPassword = $_POST['newPassword'];
       $confirmPassword = $_POST['confirmPassword'];
       if(!(isset($messageArr)))
       {

           //that means no error then update the db with the values obtained from post method and redirect to the profile page
           UserController::update_password($user , $newPassword );

           //on the successful execution direct to the profile page and update the session object
            $userObj = UserController::get_user($user,$fname, $lname, $email, $bday , $level, $exp,
            $gold,$role,$isbanned,$deaths,$bug,$qcreated,$currentPassword );
            $serializedObj = serialize($userObj);
            $_SESSION['userinfo'] = $serializedObj;

            //redirect to profile page
            header('Location: profile.php' );


       }
    }


?>
<?php
function CheckPassword($oldpass)
    {
        $message = NULL;
        $counter = 0;
        $limit = 35;
        if(empty ($_POST['currentPassword']))
        {
            $message[$counter] = "Please enter the Current Password";
            ++$counter;
        }
         elseif(($_POST['currentPassword']) != ($oldpass) )
        {
            $message[$counter] = "Current Password is not correct. Please enter correct password";
            ++$counter;
        }
        elseif((strlen($_POST['currentPassword'])) > $limit )
        {
            $message[$counter] = "Current Password should not be greater than ".$limit." characters";
            ++$counter;
        }
        if(empty ($_POST['newPassword']))
        {
            $message[$counter] = "Please enter the New Password";
            ++$counter;
        }
        elseif((strlen($_POST['newPassword'])) > $limit )
        {
            $message[$counter] = "New Password should not be greater than ".$limit." characters";
            ++$counter;
        }
        if(empty ($_POST['confirmPassword']))
        {
            $message[$counter] = "Please enter the Confirm Password";
            ++$counter;
        }
        elseif( ($_POST['newPassword']) != ($_POST['confirmPassword']) )
        {
            $message[$counter] = "New Password and Confirm Password do not match. Please enter correctly ";
            ++$counter;
        }
        elseif((strlen($_POST['confirmPassword'])) > $limit )
        {
            $message[$counter] = "Confirm Password should not be greater than ".$limit." characters";
            ++$counter;
        }

        return $message;
    }


?>
<style type="text/css"><!--

#labels
{
   text-align: right;
   width : 140px;
   display: inline;
   float : left;
   clear : left;

}
em.asterik
{
    color: red;
}

 #buttons
 {
    background-color:#DEB887;
    color: white;
    margin-left: 50px;
 }
--></style>

<?php include "../../layout/navleft.php"; ?>
<div id="content_small">
	<div class="container_brown">
		<div class="container_brown_title">Profile</div>
		<div class="profile_div">
		    <form action="changePassword.php" method="Post">
			    <div id="profile_heading">WelCome <?php print $user; ?> </div><br/><br/>
			    <?php if(isset($messageArr))
			    {
			        foreach( $messageArr as $key => $value){
			    ?>
			    <div class="error_text"><em class="asterik">* </em><?php print $value; ?></div>
			    <?php    }
			     } ?>
			    
			    <div>
			      <table class="profile_text">
			        <tr><td width="30%"><label id="labels" for="currentPassword"><em class="asterik">* </em>Current Password  : </label></td><td><input type="password" name="currentPassword" size="20" value=<?php print $currPasswordEntered; ?>></input></td></tr>
			        <tr><td><label id="labels" for="newPassword"><em class="asterik">* </em>New Password  : </label></td><td><input type="password" name="newPassword" size="20" value=<?php print $newPassword; ?>></input></td></tr>
			        <tr><td><label id="labels" for="confirmPassword"><em class="asterik">* </em>Confirm Password  : </label></td><td><input type="password" name="confirmPassword" size="20" value=<?php print $confirmPassword; ?>></input></td></tr>
			      </table>
			    </div> 
			     
			    <br/><br/><br/><br/>
			    
			    <input id="buttons" type="submit" name="submit" value="Update"/>
			    <input id="buttons" type="button" value="Cancel" onclick="window.location = 'changePassword.php'"/>
		    </form>
    	</div>
	</div>
</div>
<?php include "../../layout/navright.php"; ?>
<?php include "../../layout/footer.php"; ?>